Date:
Thu Oct 15 07:11:48 2020 UTC
Message:
up the debug a bit further while we're chasing a bug.
/*
* Copyright (c) 2019 Peter J. Philipp
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote products
* derived from this software without specific prior written permission
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
/*
* $Id: tsig.c,v 1.4 2019/06/28 06:44:07 pjp Exp $
*/
/*
* this file is based on filter.c
*/
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#ifdef __linux__
#include <grp.h>
#define __USE_BSD 1
#include <endian.h>
#include <bsd/stdlib.h>
#include <bsd/string.h>
#include <bsd/sys/queue.h>
#define __unused
#include <bsd/sys/tree.h>
#include <bsd/sys/endian.h>
#else /* not linux */
#include <sys/queue.h>
#include <sys/tree.h>
#endif /* __linux__ */
#include "ddd-dns.h"
#include "ddd-db.h"
/* Entry points of the TSIG address list and the TSIG key list. */
int	find_tsig(struct sockaddr_storage *sst, int family);
void	init_tsig(void);
int	insert_tsig(char *address, char *prefixlen);
int	find_tsig_key(char *keyname, int keynamelen, char *key, int keylen);
void	init_tsig_key(void);
int	insert_tsig_key(char *key, int keylen, char *keyname, int keynamelen);

/* Helpers that are defined in other translation units. */
extern void		dolog(int, char *, ...);
extern in_addr_t	getmask(int);
extern int		getmask6(int, struct sockaddr_in6 *);
extern int		memcasecmp(u_char *, u_char *, int);

/* Logging flags that are defined in another translation unit. */
extern int debug;
extern int verbose;

int tsig = 0;	/* tsig is off by default */
/*
 * One configured TSIG key.  Name and secret are stored as separate heap
 * copies with explicit lengths (see insert_tsig_key()), so neither is
 * treated as a NUL-terminated string.
 */
struct tsigkeyentry {
	char *keyname;		/* key name bytes */
	int keynamelen;		/* number of bytes in keyname */
	char *key;		/* secret key material */
	int keylen;		/* number of bytes in key */
	SLIST_ENTRY(tsigkeyentry) tsig_key_entry;
};

SLIST_HEAD(, tsigkeyentry) tsigkeyhead;

/* tk2 is the entry being built by insert_tsig_key(), tknp the list cursor */
static struct tsigkeyentry *tk2, *tknp;


/*
 * One address/prefix entry of the tsig address list.  hostmask holds the
 * parsed address and netmask the mask derived from prefixlen; both are
 * filled in by insert_tsig().  The name field is not written anywhere in
 * this file.
 */
struct tsigentry {
	char name[INET6_ADDRSTRLEN];
	int family;			/* AF_INET or AF_INET6 */
	struct sockaddr_storage hostmask;
	struct sockaddr_storage netmask;
	u_int8_t prefixlen;
	SLIST_ENTRY(tsigentry) tsig_entry;
};

SLIST_HEAD(, tsigentry) tsighead;

/* tsign2 is the entry being built by insert_tsig(), tsignp the list cursor */
static struct tsigentry *tsign2, *tsignp;
/*
 * init_tsig - reset the tsig address list to the empty list.
 *
 * Entries that were already on the list are not freed here.
 */
void
init_tsig(void)
{
	SLIST_INIT(&tsighead);
}
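/*
 * insert_tsig - parse an address and a prefix length and add the pair to
 * the tsig address list that find_tsig() searches.
 *
 * address is treated as an IPv6 literal when it contains a ':' and as a
 * dotted-quad IPv4 address otherwise.  prefixlen is the prefix length as
 * a decimal string.
 *
 * Returns 0 on success.  Returns -1 when memory cannot be allocated or
 * when either argument does not parse; in that case nothing is added to
 * the list and nothing is leaked.
 */
int
insert_tsig(char *address, char *prefixlen)
{
	struct sockaddr_in *sin;
	struct sockaddr_in6 *sin6;
	char *end;
	long pnum;
	int is_v6;

	if (address == NULL || prefixlen == NULL)
		return (-1);

	is_v6 = (strchr(address, ':') != NULL);

	/*
	 * atoi() turned malformed text into 0, and a prefix length of 0
	 * yields a mask that matches every address of the family in
	 * find_tsig().  Parse strictly and reject anything outside the
	 * range of the address family instead.  An overflowing value comes
	 * back as LONG_MAX/LONG_MIN and fails the range check as well.
	 */
	pnum = strtol(prefixlen, &end, 10);
	if (end == prefixlen || *end != '\0')
		return (-1);
	if (pnum < 0 || pnum > (is_v6 ? 128 : 32))
		return (-1);

	/* calloc so that the stored sockaddrs hold no uninitialised bytes */
	tsign2 = calloc(1, sizeof(*tsign2));
	if (tsign2 == NULL)
		return (-1);

	if (is_v6) {
		tsign2->family = AF_INET6;

		sin6 = (struct sockaddr_in6 *)&tsign2->hostmask;
		sin6->sin6_family = AF_INET6;
		if (inet_pton(AF_INET6, address, &sin6->sin6_addr) != 1)
			goto fail;

		sin6 = (struct sockaddr_in6 *)&tsign2->netmask;
		sin6->sin6_family = AF_INET6;
		if (getmask6((int)pnum, sin6) < 0)
			goto fail;
	} else {
		tsign2->family = AF_INET;

		/*
		 * inet_addr() reports a parse failure as INADDR_NONE, which
		 * cannot be told apart from 255.255.255.255 and was stored
		 * unchecked.  inet_pton() has an unambiguous error return.
		 * NOTE(review): inet_pton() accepts full dotted-quad notation
		 * only; confirm no configuration relies on the shorthand
		 * forms inet_addr() also accepted.
		 */
		sin = (struct sockaddr_in *)&tsign2->hostmask;
		sin->sin_family = AF_INET;
		if (inet_pton(AF_INET, address, &sin->sin_addr) != 1)
			goto fail;

		sin = (struct sockaddr_in *)&tsign2->netmask;
		sin->sin_family = AF_INET;
		sin->sin_addr.s_addr = getmask((int)pnum);
	}

	tsign2->prefixlen = (u_int8_t)pnum;
	SLIST_INSERT_HEAD(&tsighead, tsign2, tsig_entry);

	return (0);

fail:
	/* the entry never reached the list, so it is still ours to free */
	free(tsign2);
	tsign2 = NULL;
	return (-1);
}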
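/*
 * find_tsig - walk the tsig address list and test whether the address in
 * sst falls inside one of the configured networks.
 *
 * family says how sst is to be read (AF_INET or AF_INET6); only entries of
 * the same family are compared.  The address is cast according to family,
 * so the caller has to pass the family that sst really holds.
 *
 * Returns 1 if a network matches and 0 if no match is found.
 */
int
find_tsig(struct sockaddr_storage *sst, int family)
{
	struct sockaddr_in *sin, *sin0;
	struct sockaddr_in6 *sin6, *sin60, *sin61;
	u_int32_t hostmask, netmask;
	u_int32_t a;
	size_t i;

	SLIST_FOREACH(tsignp, &tsighead, tsig_entry) {
		if (tsignp->family != family)
			continue;

		if (family == AF_INET) {
			sin = (struct sockaddr_in *)sst;
			a = sin->sin_addr.s_addr;
			sin = (struct sockaddr_in *)&tsignp->hostmask;
			sin0 = (struct sockaddr_in *)&tsignp->netmask;
			hostmask = sin->sin_addr.s_addr;
			netmask = sin0->sin_addr.s_addr;
			if ((hostmask & netmask) == (a & netmask))
				return (1);
		} else if (family == AF_INET6) {
			sin6 = (struct sockaddr_in6 *)sst;
			sin60 = (struct sockaddr_in6 *)&tsignp->hostmask;
			sin61 = (struct sockaddr_in6 *)&tsignp->netmask;

			/*
			 * Compare byte by byte.  The earlier code read the
			 * 16 address bytes through u_int64_t/u_int32_t
			 * pointers, which breaks the aliasing rules and
			 * needed a per-architecture #ifdef; the result of
			 * the masked comparison is the same.
			 */
			for (i = 0; i < sizeof(sin6->sin6_addr.s6_addr); i++) {
				if ((sin60->sin6_addr.s6_addr[i] ^
				    sin6->sin6_addr.s6_addr[i]) &
				    sin61->sin6_addr.s6_addr[i])
					break;
			}
			if (i == sizeof(sin6->sin6_addr.s6_addr))
				return (1);
		}
	}

	return (0);
}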
/*
 * init_tsig_key - reset the tsig key list to the empty list.
 *
 * Entries that were already on the list, and the key material they hold,
 * are not freed here.
 */
void
init_tsig_key(void)
{
	SLIST_INIT(&tsigkeyhead);
}
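/*
 * insert_tsig_key - store a copy of a key and of its name at the head of
 * the tsig key list.
 *
 * key/keylen give the secret key material, keyname/keynamelen the name it
 * is looked up by in find_tsig_key().  Both are copied, so the caller
 * keeps ownership of its own buffers.  No check for an existing entry of
 * the same name is made; because insertion is at the head, a later entry
 * is found before an earlier one of the same name.
 *
 * Returns 0 on success and -1 on a bad argument or when memory cannot be
 * allocated.  On failure nothing is added to the list.
 */
int
insert_tsig_key(char *key, int keylen, char *keyname, int keynamelen)
{
	/*
	 * A negative length would be converted to a huge size_t, and
	 * malloc(0) may or may not return NULL.  Refuse both up front so an
	 * empty secret or an empty name never reaches the list.
	 */
	if (key == NULL || keyname == NULL || keylen <= 0 || keynamelen <= 0)
		return -1;

	tk2 = malloc(sizeof(*tk2));
	if (tk2 == NULL)
		return -1;

	/*
	 * Allocate both buffers before copying anything: a failure is then
	 * cleaned up completely, and no copy of the secret is left behind in
	 * memory that is about to be freed.
	 */
	tk2->key = malloc((size_t)keylen);
	tk2->keyname = malloc((size_t)keynamelen);
	if (tk2->key == NULL || tk2->keyname == NULL) {
		free(tk2->keyname);
		free(tk2->key);
		free(tk2);
		tk2 = NULL;
		return -1;
	}

	memcpy(tk2->key, key, (size_t)keylen);
	tk2->keylen = keylen;

	memcpy(tk2->keyname, keyname, (size_t)keynamelen);
	tk2->keynamelen = keynamelen;

	SLIST_INSERT_HEAD(&tsigkeyhead, tk2, tsig_key_entry);

	return (0);
}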
/*
 * find_tsig_key - walk the tsig key list and copy out the key that is
 * stored under keyname.
 *
 * keyname/keynamelen name the key to look for; the stored name must have
 * the same length and compare equal under memcasecmp() (defined
 * elsewhere, presumably a case-insensitive compare).  key/keylen describe
 * the caller's output buffer.
 *
 * Returns the length of the key copied into key, or -1 when no entry
 * matches or when the first matching entry's key does not fit in keylen
 * bytes.  On success the caller's buffer holds secret key material.
 */
int
find_tsig_key(char *keyname, int keynamelen, char *key, int keylen)
{
	SLIST_FOREACH(tknp, &tsigkeyhead, tsig_key_entry) {
		if (tknp->keynamelen != keynamelen)
			continue;
		if (memcasecmp(tknp->keyname, keyname, keynamelen) != 0)
			continue;

		/* never write more than the caller's buffer can take */
		if (tknp->keylen > keylen)
			return -1;

		memcpy(key, tknp->key, tknp->keylen);

		return (tknp->keylen);
	}

	return -1;
}